Spamvertised 'You have received a gift from one of our members!' malware campaign

Summary: MXLab.eu is reporting on a currently spamvertised malware campaign dropping Backdoor.IRCBot.

TOPICS: Malware, Security

MXLab.eu is reporting on a currently spamvertised malware campaign dropping Backdoor.IRCBot which, once executed, opens a connection back to an IRC (Internet Relay Chat) server, allowing the botnet masters easy of control.

Sample message:

Hello friend !
You have just received a screensaver from someone who really cares about you!
This is a part of the message:
“Hi there! It has been a very long time since I haven’t heared anything from you! I hope you enjoy this gift from me that i’ve sent with love … I’ve just found out about this service from Sharon, a friend of mine who also told me that…”
If you’d like to see the rest of the message click here to receive your 3d live Dolphins
===================
Thank you for using www.freeze.com ‘s services !!! Please take this opportunity to let your friends hear about us by sending them this screensaver from our personal collection !
==================

From a social engineering perspective this is a -- thankfully -- badly executed campaign lacking basic quality assurance elements typical for social engineering campaigns such as timing -- see the Xmas photo -- which could have contributed to a better infection rate.

It seems, though, that the ubiquitous "You've received a screensaver" social engineering campaign is still favored by novice botnet masters.

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Talkback

7 comments
  • Social engineering from a moron with no social skills... LOL

    Gotta love it.... Even dumb people can get in on the action and create a botnet. Most likely not from the US, and I think you hit the nail on the head with the novice botnet master...

    The sad thing is that people will still fall for something as lame as this.
    i8thecat
  • Bad Grammar

    Bad grammar and misspellings are a good tip off; the part about "haven't heared" might be caused by a lousy translation.
    sboverie
  • Is there a typo in "easy of control" at the end of the first sentence?

    Is there a typo in "easy of control" at the end of the first sentence?
    AMusnikow
  • Yes, there is.

    Required text entry.
    gjl229@...
  • RE: Spamvertised 'You have received a gift from one of our members!' malware campaign

    Weird picture... is that a two-headed dog?
    spacespeed
  • Get a job at the bakery

    I am suffering from nausea and fatigue (sick and tired) of illiterates who pose as educated journalists. Get a job at the bakery, you won't have to spell or learn grammar. It is easy or in your case easeeee.
    jhad77
  • Oh goodness what will I ever do!!!???

    Oh, I don't use Windows, so....no worries here.
    james347